November 4, 2015 By Douglas Bonderud 2 min read

Wall Street is changing. Gone are the days of unfettered investments and unbridled hope, having been replaced by the challenges of socially connected global markets and emerging cybersecurity threats. Now, major player Goldman Sachs is pouring $35 million of Series A funding into startup iboss Cybersecurity. Will the spend help solidify the role of Goldman Sachs in the new financial market?

Staying Relevant With a Startup

For financial intermediaries like Goldman Sachs, which has evolved from a private partnership to holding company and now acts at intermediary between buyers and sellers of financial securities, Wall Street’s inevitable march into the digital age begs the question: Are these companies still relevant?

Sachs’ president, Gary D. Cohn, thinks so. As noted by The New York Times, Cohn believes the company will “adapt and survive” in this new market. He argued that buyers and sellers will always need an intermediary since “no one can ever really agree on price or terms.”

But along with effective mediation, companies also want assurances that Goldman Sachs’ cybersecurity is up to par. If financial data isn’t effectively safeguarded, the ability to negotiate a good deal for both sides won’t be enough to keep the intermediary afloat.

The New Deal

Investing in iboss is a critical step forward if Goldman Sachs wants to stay relevant. But what makes the offering so special and worth $35 million in Series A funding? According to Forbes, the startup is an oddity; created by twin brothers Paul and Peter Martini in 2003, iboss has grown without the benefit of outside capital to a $50 million predicted revenue this year.

What’s more, the company is generating revenue profitably and has no current debt. It’s no surprise, then, that the brothers have been turning down investment requests — “We’ve been solicited almost every day probably,” Peter said — but took up Goldman Sachs on their offer as a way to grow internationally and develop a cloud-based version of their hardware appliance.

The appliance and upcoming cloud offering are the other standout aspect of iboss. Rather than taking a perimeter-based approach to cybersecurity, which attempts to stop malicious code at the gate, the platform is designed to detect precursor signs of data exfiltration in addition to providing visibility into critical corporate systems.

The Martini brothers view their product as an alarm system designed to go off when cybercriminals go after an organization’s most valuable resource — data — instead of every time a piece of malicious code touches the network border. The fundamental idea here is getting specific rather than generalizing and targeting attacks in progress rather than wasting resources on potentially benign code.

With their investment, Goldman Sachs gets a minority stake in iboss, which by all accounts is the unicorn of startups: both bootstrapped and profitable. For Sachs to adapt and thrive in a changing Wall Street landscape, something like iboss is a necessary risk. But only time will tell if the company’s anomaly detection model can deliver the kind of gold standard performance Goldman Sachs needs to stay relevant, secure and profitable.

More from

SoaPy: Stealthy enumeration of Active Directory environments through ADWS

10 min read - Introduction Over time, both targeted and large-scale enumeration of Active Directory (AD) environments have become increasingly detected due to modern defensive solutions. During our internship at X-Force Red this past summer, we noticed FalconForce’s SOAPHound was becoming popular for enumerating Active Directory environments. This tool brought a new perspective to Active Directory enumeration by performing collection via Active Directory Web Services (ADWS) instead of directly through Lightweight Directory Access Protocol (LDAP) as other AD enumeration tools had in the past.…

Smoltalk: RCE in open source agents

26 min read - Big shoutout to Hugging Face and the smolagents team for their cooperation and quick turnaround for a fix! Introduction Recently, I have been working on a side project to automate some pentest reconnaissance with AI agents. Just after I started this project, Hugging Face announced the release of smolagents, a lightweight framework for building AI agents that implements the methodology described in the ReAct paper, emphasizing reasoning through iterative decision-making. Interestingly, smolagents enables agents to reason and act by generating…

4 ways to bring cybersecurity into your community

4 min read - It’s easy to focus on technology when talking about cybersecurity. However, the best prevention measures rely on the education of those who use technology. Organizations training their employees is the first step. But the industry needs to expand the concept of a culture of cybersecurity and take it from where it currently stands as an organizational responsibility to a global perspective.When every person who uses technology — for work, personal use and school — views cybersecurity as their responsibility, it…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today